Posted
by
samzenpus
on Sunday April 24, 2011 @05:10PM
from the another-brick-in-the-wall dept.

alphadogg writes "The outage of Sony's PlayStation Network and Qriocity service, now in its fourth day, looks set to continue after the company said on Sunday that it is 'rebuilding' its system to better guard against attacks. Sony said on Saturday that the outage was caused by an 'external intrusion' into the network, but has yet to detail the problem. The PlayStation Network is used for PlayStation 3 online gaming and sales of software to consoles and the PlayStation Portable. The Qriocity service runs on the same network infrastructure and provides audio and video to Sony consumer electronics products."

Is any of this the result of Sony's PSN being a free service? Could something like this happen just as easily on Xbox Live, or would it be more difficult since they charge for the service and are therefore able to put more money into it?

No, I wasn't suggesting anything. I know Sony is a large company with a lot of money and resources, but I'm pretty ignorant as to how they allocate all of those resources. It was something I was curious about, so I asked.

Isn't that like saying that Windows should have fewer security holes then Linux because they charge for the product and are therefore able to put more money into it? It's nonsense.

In a weird way, your question mimics the claim made by MicroSoft: Windows is better because you have to pay for it, and so MS has a stake in providing a good and reliable user experience. In fact, this argument works in some business/government circles, because they feel that without a business organization backing up the product, there is no accountability.

So for some users, it is NOT nonsense. Even when real world experience shows MS does a worse job then open source alternatives.

So that is IBM/HP/Red Hat exactly? I know how I find security of mind. It is when my accountant chokes on the bill and gasps while clutching his heart, "there isn't enough money in the world to pay this hourly rate". Then I know I went right and got an IBM guy in to do the job.

Seriously, how do you expect me to sleep well at night with some MSCE guy charging minimum wage? Dammit, your bill got to bleed the company dry. That is a sign of quality.

No real active "attack", just Sony needing an excuse to have the network down for a week to retrofit security to stop consoles with modified software from connecting ("I know !! we'll blame teh haxx0rs and play the victim rather than look like ones at fault for not providing service for a week! Since people are messing with our consoles, it's not really a lie!"), or

Do you have any contacts at Sony internally? Do you have any insight aside from what they do publicly? I've got some friends who work at Sony's call center for PS3/PSP support and they're telling me a different story.

There's no way they pick a holiday weekend and a week with a reasonably big name release in it to take it down on purpose. Well I guess they have done a bunch of stupid things in the past, so maybe that's not so certain.

Even at $99 per year, App Hub is already good PR for Microsoft, compared to Nintendo which flatly rejects all home-based businesses and Sony whose developer relations web site isn't even responding. Likewise, the iPhone Developer Program at $99 per year was good PR compared to what came before it, namely the headaches of BREW.

believe consoles have it ass-backwards. i think their licensed development model, in its entirety, is retarded. i say we let consumers pay full price for the hardware and not have developers subsidize them. then, we just let anyone develop for them. it would seem that the established publishing houses would not like that very much. if we can blur the lines between pc and consoles going one way, why not the other way, too? would you prefer os vendors to start charging development fees? goose, gander, etc.

Sony probably relied entirely on client side security, assuming that the PS3 was unbreakable.

That, and thanks to their attempts to keep people on the latest "secure" firmware, PSN services that shouldn't be PSN services like Netflix and Hulu are now hosed (except for some people who apparently use the same password for all their accounts and can hit cancel at the login screen). If Netflix hadn't allowed the PSN-free disc to be disabled, we could be using it right now.

Now I'm as disenchanted with Sony as the next geek.. But plucking claims out of thin air doesn't really help..The real answer is that it can actually be pretty good, just someone found a way in that's pretty pervasive to their design or implementation.Still, no matter how good (or not) it was before, it can obviously be improved.. Someone will almost certainly break the next version, if they try hard enough (quite a few will probably be picked up on the IDS, and perhaps charged before then).How good it re

My netflix works regardless of my PSN connection. My PSN and Netflix accounts do not use the same password either. Netflix asks to log in to PSN twice, and when it cannot it just continues on and works normally (this has happened on several occasions when my PSN log in did not work for whatever reason). I was actually quite surprised at this; I thought netflix actually had put some thought into designing a robust system. Does this not work for everyone?

Works on my fat (the original model from 1st release), but not on the slim purchased this past week, despite having the same firmware version. I have no idea why one can use Netflix and the other can't.

Netflix is not hosed. It works as long as you allow the login process to time out a couple of times. I use a unique password for every online service I am a part of and I was able to access Netflix last night.

For those of you that use your PS3 mainly for streaming Netflix (like me), just keep hitting login after you've gone to the red 'Netflix' screen. It will try to login and fail about 3 to 5 times in a row. Then you will be able to access your Netflix account like normal.

Unfortunately, it isn't madness. It just isn't being done for your benefit.

From the perspective of designing failure-tolerant systems, artificially coupling distinct functions is, indeed, completely nuts. However, if your primary objective is control, rather than failure tolerance, reducing the number of things that your device is good for when severed from the mothership is entirely sensible. All kinds of DRM and trusted-client related problems become easier if you can force the client to talk to you at

I can't imagine the PSN is anything less than PCI-E compliant. That means they can't store the credit card number -- only the last four digits of it. The first time they charge your card, an authorization number is provided along with the transaction. Future transactions then re-use that authorization number, which is validated to make sure that the repeated transactions come only from the same merchant as the initial charge.

If they couldn't store the CC number, you would have to enter it in every time, which I don't think is the case with PSN.

Apparently you didn't read anything I wrote. You don't have to re-enter the CC every time because PCI-E compliant shops store and re-use an authorization number they receive the first time you make a purchase.

Sony is such a wonderful company, I'm sure they will be happy to give me a partial refund for not being able to use the GT5 online features this month. They were so nice when they told me they would automatically remove the other OS software for me, I didn't have to do a thing. Just agree to let them do it. If I didn't agree, I was no longer able to use the PS3 for any network games as promised, but I give them that one- they knew it was for my own good. They were also really looking out for me and even put software on music CD's and DVD's (the last place you would expect to find executable code) and it would install all by itself and I didn't even have to worry about all the windows setup junk. To top it off, they even scanned my hard drive to let me know if anyone had put shared music on it! all for free! they never charged me a thing for doing any of this! What a nice company. Obama even went and had his recent fund raiser at Sony. They must be great! No politician would ever be dirty!

I feel a enormeous curiosity about what the problem is. Is something mundane?, like a cascade error, or really a intrusion?. I feel I would love to read a novel or a article about the issue here:D

Sony has ben fighting the esence of hacking on latelly. The problem with GeoHot and the hackers is political. The hackers think that can open the hardware that own, and toy with it, and spread any information that learn from the machine. Sony want to use the system to stop these people from doing so, and seems v

And this, ladies and gentlemen, is why gamers will never be taken seriously.
This attitude of "Fuck rights! I want mah GAEMS!" that has been displayed by many gamers during the entire GeoHot Vs Sony episode has me seriously perplexed.

Nope.He hacked (read "tinkered with") the hardware bought and owned outright. If there is a way of modifying a piece of hardware such that it allows unauthorized access to an external network (the playstation store, etc.), then that network is faulty. Do you suppose I can hack my PC to access MSN without authority?Beyond that point, though, there is another: He never accessed PSN, and thus the store - at least according to his court submissions. He couldn't use "having not agreed to any license terms" as a

And this, ladies and gentlemen, is why gamers will never be taken seriously.
This attitude of "Fuck rights! I want mah GAEMS!" that has been displayed by many gamers during the entire GeoHot Vs Sony episode has me seriously perplexed.

I find it really telling that the people who post such things like the tripe quoted here feel that only THEY have rights - the rights of normal gamers is just collateral damage [softpedia.com]

You've got to be kidding me. GeoHot and fail0verflow uncovered security flaws, and some pathetic gamer responds that they should be shot in the head. Sony was the one to act like a bunch of Gestapo in response to the security flaws. GeoHot and fail0verflow are not responsible for any attacks on Sony's network.

The parent poster also said nothing about supporting attacks on Sony's network, and Anonymous has disavowed that this is their doing. For all anybody knows, Sony is having trouble of their own making and blaming it on outside parties.

They did more than just sue him. They went after all his personal devices, they censored him from speaking about the jailbreak, and they went after the information of all the people that viewed or commented on his site, his Google blog, his YouTube videos, or Twitter.

The Gestapo wasn't all about gas chambers. It was also about excessive police tactics. All this because somebody exposed a security flaw, something that is done all the time with operating systems, browsers, and other applications.

Do not assume that rights belong to such entities as a majority. Because you'll be incredibly sorry when you turn out to be in the minority. Individuals have rights, be them the lone nut or everyone else. Besides, the only thing making this a 'rights' issue is that those rights are being centrally managed by a purely evil entity (Sony). They've taken rights away and they haven't properly evaluated the ramifications of consequences... Or they did and don't give a damn about you and everyone else sufferi

When you start attributing qualities like "evil" and "good" to abstract entities like a huge multitude of individuals just in order to try and make points AGAINST such entities as you might be biased against, is when you lose credibility.

Oh, come on. There's nothing biased or incredible about calling Sony evil. They do not have any lofty goals whatsoever. They care only about two things: money and power (control). And they've proven several times that they have very little in the way of scruples in how they get that money and power. I think you can safely call that evil.

Are they more evil than a company like Monsanto that willfully deals with corrupt civil servants in Africa in order to restrict the freedom of African farmers? Probably not.

Evangelizing Microsoft? On what alternate slashdot have you been hanging out? During Slashdot's existence, Microsoft has received far more hate than all other companies put together. If it's receiving less hate now than in previous years, that's because Microsoft isn't doing quite as dirty deals as it used to, and occasionally seems to be bettering itself. At least in comparison to where companies like Oracle, Sony and Apple are heading.

I agree with you that the military-industrial complex, big pharma and b

I don't restrict myself to reading only PS3 threads. On almost every single Microsoft-related thread, Microsoft gets its fair share of criticism (which is quite a lot). I suspect your view is somewhat biased.

Sure, who cares about pirates? But what about the people who paid for a feature that was subsequently removed? That should be about as illegal as it gets, yet it's what Sony did. And it's Sony's crippling of their own product that caused people to try to re-enable it again. If that enabled piracy, then that's on Sony's head.

And this, ladies and gentlemen, is why gamers will never be taken seriously. This attitude of "Fuck rights! I want mah GAEMS!" that has been displayed by many gamers during the entire GeoHot Vs Sony episode has me seriously perplexed.

There are 50 million PS3 consoles out there.

8 million MOVE controllers.

70 million PSN accounts. 17 million PlayStation Home social networking accounts.

These numbers, sourced here from the Wikipedia, are credible. No one on these pages has ever posted anything of the sort for home use of the OtherOS.

The PS3 Fat has been out of production for close on to three years.

The OtherOS implied dual-booting into a DIY install of an obscure Linux distribution with a desktop GUI and limited access to system resoures.

Gamers aren't really human beings. They are kind of a primate with plant-like features, strongly conditioned, and haven't developed critical abilities or the capacity for historical perspective. While we can't expect anything like moral or social reasoning from them, we can respect their amazing skills and amusing antics, and seek to preserve their numbers as their habitat is threatened by human progress.

Nobody expects the gamers to back in this, and that is the problem. The problem is Sony is setting a dangerous precedent. Today remove other OS, because few use it and few care about it it is safe to remove with minimal complaints, establish the precedent in court that basically allows them to remove features included with a system at the time of sale from the small handful of complainers, now they can remove previous console compatibility or anything they deem not worth the money at any time. Sony wants a

I'm not usually a fan of the slippery slope argument, but I can see you working. Even without going to "What could Sony do next?" The original argument is still quite valid. When the PS3 was first released, there were some users who went and purchased one (over a competitor) because they liked the OtherOS option. It was an advertised capability.

I'm fine with the PS3 Slim not shipping with that capability, nobody who bought one was granted that feature. That's the price of the shiny new box.

Sony is responsbile for that drama. They can't fix the consoles now that the key is out. They should have just kept quiet and banned the consoles that were not running the official Sony software (or using cheats). This whole thing would have never happened if they just stayed low key. instead they take him to court, confiscate his shit and send C&D's to anyone who posted the key which caused the Anon response.

Sony overreacted.. and they know it.. else they wouldn't have settled out of court.

Their "overreaction" is the same for any company. Why is Sony treated differently? Remember, they are a conglomerate. Their games division is not affiliated with their music/movie division, and their electronics division isn't affiliated either (beyond interoperability between consoles and TVs.) Which is why you can see products one division makes diametrically opposed to other divisions' stated goals. Sometimes they converge (minidisc, at least the consumer edition), but most of the time they're separate.

Intentionally or not, you have posted a falsehood. You need look no further than Bill Gates to prove that. Allow me to quote or misquote him:

"We would rather have them pirating our operating system, than using the competition's operating system!" Microsoft can and will go after business concerns for piracy, but they do not prosecute Random Joe Hacker.

what does Apple do to jailbreakers? nothing.what does MS do to non commercial pirates? nothing. (except for the genuine advantage check)what does Bilzzard/Activation do to WoW cheaters? ban/suspend account and associated credit cards.what does MS do the XBLA cheaters? ban account/console

Sony is doing what the RIAA/MPAA does (maybe because they members of both?)

software piracy has been around long before music/movie piracy - i can't rememer a single incident where software companies filed john does against everyone they THOUGHT stole something.

they settled because:1) the PR shitstorm2) economic impact (they can't undo the damage - their resources are best spend mitigating it - ban the consoles and credit cards3) weak case - it's not clear (to me) that GeoHot did anything against their TOS. which clause was violated? win or lose the lawsuit the key is still out there. why did the EFF coume out AGAINST Sony? http://www.eff.org/deeplinks/2011/01/sony-v-hotz-sony-sends-dangerous-message [eff.org]

i say again - by doing what they did, they brought this on themselves.

Jailbreaking is distinctly different from circumventing a copy / rights protection mechanism. But of course Apple DID object to it [wired.com] and cited the DMCA amongst other laws. They failed because their case wasn't strong enough.

what does MS do to non commercial pirates? nothing. (except for the genuine advantage check)

People have extrapolated that because MS privately prefers pirates to be using their desktop OS than a rival's somehow it applies to consoles or oth

Sony's position did send a message though -- it means that the origin of future PS3 cracks and other items will have be kept secret so the Sony legal brigade doesn't make an example out of someone else.

Why is this a major victory for Sony? Simple. There is no way to tell exactly where a supposed crack came from. This means that it will be extremely difficult to tell a "good" patch to allow homebrew modding from malicious code that permanently bricks a device.

Simply put, Sony claims that it's illegal for users to access their own computers in a way that Sony doesn't like. Moreover, because the CFAA has criminal as well as civil penalties, Sony is actually saying that it's a crime for users to access their own computers in a way that Sony doesn't like.

How about fuck you, people who lump GeoHot, failoverflow with Anonymous, who lump people who want to modify their hardware with people who hack networks and cheat without any proof, who want people arrested and killed for such mundane things as wanting to modify their own console, and OTHERS taking those tools and abusing it.

1. Sony kills GeoHot.
2. Investigators trace the murder back to Sony.
3. The media report about the murder.
4. The public equates Sony with organized crime.
5. Sony proper makes a public effort of distancing themselves from SCEA, possibly even disbanding the entire division (and probably firing a lot of employees in the process).
6. The bad PR piles up and Sony is marginalized on the American market as nobody wants to deal with them.

Sure it's the person in charge of the IT or the person in charge of funding the IT?

Most problems IT has known about for quite some time, since IT built the systems. They know precisely where the failures could happen and have probably thought of ways to work around them, but it all comes down to funding.

If the person who signs the paycheck says "we aren't doing that" then that's it--done.

Try this old game called LIFE , it is a hell of a game, comes with a life subscription , completely interactive and has over 6 billion players. No respawn , no cheats unless it is with a partner that isn't your Sig Other. It has no down time unless you end the game. According to myth , the developer hacked it out in 6 days.
I would rate it 6 stars out of 5.

Unfortunately, there are some serious game-balance issues. While the risk of being spawn-camped is pretty low(NPCs usually end up killing anybody who hangs out in the maternity ward with a rocket launcher...); but some spawn points seriously suck.